﻿<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="NotifyCallback.aspx.cs"  %>
<%@ Import Namespace="com.unionpay.upop.sdk" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>无标题页</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
    <%
        // 要使用各种Srv必须先使用LoadConf载入配置
        UPOPSrv.LoadConf(Server.MapPath("./App_Data/conf.xml.config"));
        
        // 使用Post过来的内容构造SrvResponse
        SrvResponse resp = new SrvResponse (Util.NameValueCollection2StrDict(Request.Form ));
        
        // 收到回应后做后续处理（这里写入文件，仅供演示）
        System.IO.StreamWriter sw = new System.IO.StreamWriter(Server.MapPath ("./notify_data.txt"));
        
        if(resp.ResponseCode != SrvResponse.RESP_SUCCESS )
        {
            sw.WriteLine("error in parsing response message! code:" + resp.ResponseCode );
            sw.Close();  
        }
        else
        {
            foreach (string k in resp.Fields.Keys  )
            {
                sw.WriteLine (k + "\t = " + resp.Fields[k]);
            }
            sw.Close(); 

            //判断处理后的订单号与提交的订单号是否一致
            string userName = Session["userName"].ToString();
            string password = Session["password"].ToString();

            string ConStr = "Provider=Microsoft.Jet.OLEDB.4.0;data source=" + Server.MapPath("./App_Data/paymentInfo.mdb");//创建OleDbConnection对象 
            System.Data.OleDb.OleDbConnection con = new System.Data.OleDb.OleDbConnection(ConStr);
            con.Open();

            if (con.State == System.Data.ConnectionState.Open)
            {
                System.Data.OleDb.OleDbCommand cmd = new System.Data.OleDb.OleDbCommand("select * from record where username=@userName and password=@password", con);
                cmd.Parameters.Add("@userName", userName);
                cmd.Parameters.Add("@password", password);
                System.Data.OleDb.OleDbDataReader reader = cmd.ExecuteReader();
                reader.Read();
                string beforeOrderId = reader["orderid"].ToString();

                string afterOrderId = resp.Fields["orderNumber"];
                
                //如果前后订单号一致，则进一步处理
                if (beforeOrderId.Equals(afterOrderId))
                {
                    System.Data.OleDb.OleDbCommand cmd1 = new System.Data.OleDb.OleDbCommand("update record set result=1 where username=@userName and password=@password", con);
                    cmd1.Parameters.Add("@userName", userName);
                    cmd1.Parameters.Add("@password", password);
                    int count = cmd1.ExecuteNonQuery();

                    if (1 == count)
                    {
                        Session["result"] = "1";
                        Response.Redirect("paymentInfo.aspx");
                    }
                }
                else { 
                    //若订单不同，则跳转到error页处理
                }
                
                

            }
            
            con.Close();
        }
        
        
        
        
        
         %>
    </div>
    </form>
</body>
</html>
